<?php
session_start();
require 'config.php';

if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['verify'])) {
    $username = $_POST['username'];
    $email = $_POST['email'];

    $stmt = $conn->prepare("SELECT id FROM users WHERE username = ? AND email = ?");
    $stmt->bind_param("ss", $username, $email);
    $stmt->execute();
    $stmt->store_result();

    if ($stmt->num_rows > 0) {
        $_SESSION['verified_user'] = $username;
        $_SESSION['verified_email'] = $email;
        $verification_message = "验证成功，请输入新密码";
    } else {
        $error_message = "用户名或邮箱不正确";
    }

    $stmt->close();
}

if ($_SERVER["REQUEST_METHOD"] == "POST" && isset($_POST['reset_password'])) {
    $username = $_SESSION['verified_user'];
    $email = $_SESSION['verified_email'];
    $new_password = $_POST['new_password'];
    $confirm_password = $_POST['confirm_password'];

    if ($new_password !== $confirm_password) {
        $error_message = "新密码和确认密码不匹配";
    } else {
        $hashed_password = password_hash($new_password, PASSWORD_DEFAULT);

        $stmt = $conn->prepare("UPDATE users SET password = ? WHERE username = ? AND email = ?");
        $stmt->bind_param("sss", $hashed_password, $username, $email);

        if ($stmt->execute()) {
            $success_message = "密码已重置，请<a href='login.php'>登录</a>";
            unset($_SESSION['verified_user']);
            unset($_SESSION['verified_email']);
        } else {
            $error_message = "重置密码失败，请重试";
        }

        $stmt->close();
    }
}

$conn->close();
?>

<!DOCTYPE html>
<html lang="zh-CN">
<head>
    <meta charset="UTF-8">
    <meta name="viewport" content="width=device-width, initial-scale=1.0">
    <title>忘记密码 - 论坛</title>
    <link href="https://cdn.jsdelivr.net/npm/tailwindcss@2.2.19/dist/tailwind.min.css" rel="stylesheet">
    <style>
        .bg-cover-custom {
            background-image: url('https://images.unsplash.com/photo-1522199710521-72d69614c702?crop=entropy&cs=tinysrgb&fit=max&fm=jpg&ixid=MnwzNjUyOXwwfDF8c2VhcmNofDF8fGxhbmRzY2FwZXxlbnwwfHx8fDE2MzgzNzA1OTk&ixlib=rb-1.2.1&q=80&w=1920');
            background-size: cover;
            background-position: center;
        }
    </style>
</head>
<body class="h-screen flex items-center justify-center">
    <div class="flex flex-row w-full h-full">
        <div class="w-2/3 bg-cover-custom flex items-center justify-center">
            <div class="text-center text-white p-8">
                <h2 class="text-4xl font-bold mb-4">找回密码</h2>
                <p class="text-lg">请验证您的身份，然后输入新的密码...</p>
            </div>
        </div>
        <div class="w-1/3 bg-white p-8 rounded-2xl shadow-lg flex flex-col justify-center">
            <h2 class="text-2xl font-bold text-center mb-6">忘记密码</h2>
            <?php if (isset($error_message)): ?>
                <p class="text-red-500 text-center mb-4"><?php echo $error_message; ?></p>
            <?php endif; ?>
            <?php if (isset($success_message)): ?>
                <p class="text-green-500 text-center mb-4"><?php echo $success_message; ?></p>
            <?php endif; ?>
            <?php if (isset($verification_message)): ?>
                <p class="text-green-500 text-center mb-4"><?php echo $verification_message; ?></p>
            <?php endif; ?>

            <?php if (isset($_SESSION['verified_user']) && isset($_SESSION['verified_email'])): ?>
                <form action="forgot_password.php" method="POST" class="space-y-6">
                    <div class="space-y-2">
                        <label for="new_password" class="block text-sm font-medium text-gray-700">新密码:</label>
                        <div class="relative">
                            <input type="password" id="new_password" name="new_password" required placeholder="请输入新密码" class="w-full p-3 rounded-lg bg-gray-100 text-gray-700 border border-gray-300 focus:outline-none focus:ring-2 focus:ring-blue-500">
                        </div>
                    </div>
                    <div class="space-y-2">
                        <label for="confirm_password" class="block text-sm font-medium text-gray-700">确认新密码:</label>
                        <div class="relative">
                            <input type="password" id="confirm_password" name="confirm_password" required placeholder="请确认新密码" class="w-full p-3 rounded-lg bg-gray-100 text-gray-700 border border-gray-300 focus:outline-none focus:ring-2 focus:ring-blue-500">
                        </div>
                    </div>
                    <button type="submit" name="reset_password" class="w-full py-3 bg-blue-600 text-white rounded-lg hover:bg-blue-700 transition-colors focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-opacity-50">重置密码</button>
                </form>
            <?php else: ?>
                <form action="forgot_password.php" method="POST" class="space-y-6">
                    <div class="space-y-2">
                        <label for="username" class="block text-sm font-medium text-gray-700">用户名:</label>
                        <div class="relative">
                            <input type="text" id="username" name="username" required placeholder="请输入用户名" class="w-full p-3 rounded-lg bg-gray-100 text-gray-700 border border-gray-300 focus:outline-none focus:ring-2 focus:ring-blue-500">
                        </div>
                    </div>
                    <div class="space-y-2">
                        <label for="email" class="block text-sm font-medium text-gray-700">邮箱:</label>
                        <div class="relative">
                            <input type="email" id="email" name="email" required placeholder="请输入邮箱" class="w-full p-3 rounded-lg bg-gray-100 text-gray-700 border border-gray-300 focus:outline-none focus:ring-2 focus:ring-blue-500">
                        </div>
                    </div>
                    <button type="submit" name="verify" class="w-full py-3 bg-blue-600 text-white rounded-lg hover:bg-blue-700 transition-colors focus:outline-none focus:ring-2 focus:ring-blue-500 focus:ring-opacity-50">验证</button>
                </form>
            <?php endif; ?>
            <div class="mt-4 text-center">
                <a href="login.php" class="text-blue-500 hover:underline">登录</a> | <a href="register.php" class="text-blue-500 hover:underline">注册</a>
            </div>
        </div>
    </div>
</body>
</html>
